From owner-svn-ports-all@FreeBSD.ORG Sat Nov 1 19:42:58 2014 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AF9CB875; Sat, 1 Nov 2014 19:42:58 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8198ED65; Sat, 1 Nov 2014 19:42:58 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id sA1Jgw7h006871; Sat, 1 Nov 2014 19:42:58 GMT (envelope-from rea@FreeBSD.org) Received: (from rea@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id sA1JgwuI006863; Sat, 1 Nov 2014 19:42:58 GMT (envelope-from rea@FreeBSD.org) Message-Id: <201411011942.sA1JgwuI006863@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: rea set sender to rea@FreeBSD.org using -f 
From: Eygene Ryabinkin Date: Sat, 1 Nov 2014 19:42:58 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r372032 - in branches/2014Q4/www/twiki: . files X-SVN-Group: ports-branches MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 Nov 2014 19:42:58 -0000 Author: rea Date: Sat Nov 1 19:42:57 2014 New Revision: 372032 URL: https://svnweb.freebsd.org/changeset/ports/372032 QAT: https://qat.redports.org/buildarchive/r372032/ Log: MFH: r371858 TWiki: fix CVE-2014-7236 This is remote Perl code execution via crafted GET variable "debugenableplugins", http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 Security: 21ce1840-6107-11e4-9e84-0022156e8794 Approved by: ports-secteam (myself) Added: branches/2014Q4/www/twiki/files/patch-cve-2014-7236 - copied unchanged from r371858, head/www/twiki/files/patch-cve-2014-7236 Modified: branches/2014Q4/www/twiki/Makefile Directory Properties: branches/2014Q4/ (props changed) Modified: branches/2014Q4/www/twiki/Makefile ============================================================================== --- branches/2014Q4/www/twiki/Makefile Sat Nov 1 19:36:38 2014 (r372031) +++ branches/2014Q4/www/twiki/Makefile Sat Nov 1 19:42:57 2014 (r372032) @@ -3,6 +3,7 @@ PORTNAME= twiki PORTVERSION= 5.1.4 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= www MASTER_SITES= SF/${PORTNAME}/TWiki%20for%20all%20Platforms/${DISTNAME} \ 
@@ -29,6 +30,8 @@ RUN_DEPENDS= \ USES= perl5 tar:tgz WRKSRC= ${WRKDIR}/twiki +USES+= cpe + post-extract: @${RM} -rf ${WRKSRC}/lib/CPAN @${CAT} ${.CURDIR}/../twiki-*/pkg-plist |\ Copied: branches/2014Q4/www/twiki/files/patch-cve-2014-7236 (from r371858, head/www/twiki/files/patch-cve-2014-7236) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2014Q4/www/twiki/files/patch-cve-2014-7236 Sat Nov 1 19:42:57 2014 (r372032, copy of r371858, head/www/twiki/files/patch-cve-2014-7236) @@ -0,0 +1,17 @@ +Obtained-from: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2014-7236 +--- lib/TWiki/Plugins.pm.save1 2014-01-09 02:10:56.000000000 -0500 ++++ lib/TWiki/Plugins.pm 2014-10-01 20:30:36.000000000 -0400 +@@ -186,8 +186,11 @@ + + unless( $allDisabled ) { + if ( $query && defined( $query->param( 'debugenableplugins' ))) { +- @pluginList = split( /[,\s]+/, +- $query->param( 'debugenableplugins' )); ++ @pluginList = ++ grep { /Plugin$/ } ++ map { s/[^a-zA-Z0-9]//go; $_ } # Item7558: Sanitize parameter ++ split( /[,\s]+/, $query->param( 'debugenableplugins' )); ++ + } else { + if( $TWiki::cfg{PluginsOrder} ) { + foreach my $plugin( split( /[,\s]+/,
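Review bot: the `+USES+= cpe` line in the second Makefile hunk (`@@ -29,6 +30,8 @@`) is appended after `WRKSRC=` rather than folded into the existing `USES= perl5 tar:tgz` line two lines above; a single `USES= cpe perl5 tar:tgz` is the usual form and avoids a `+=` on a variable the same block already assigns. No `CPE_VENDOR` or `CPE_PRODUCT` is set, so the cpe framework falls back to the lowercased `PORTNAME` for both (`twiki:twiki`); that is the pair the port is meant to be matched against, so please confirm it is what the CPE dictionary lists. The commit log only mentions the CVE fix, so the CPE addition riding along in the same MFH should be noted there too.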
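Review bot: in the `@@ -186,8 +186,11 @@` hunk inside the new `patch-cve-2014-7236`, the sanitizer works by deletion (`map { s/[^a-zA-Z0-9]//go; $_ }`) followed by `grep { /Plugin$/ }`, so a crafted `debugenableplugins` value is silently rewritten into a plausible plugin name and then looked up, rather than being rejected outright; a positive match over the split list, e.g. `grep { /^[A-Za-z0-9]+Plugin$/ }`, expresses the same whitelist without the mangling step and is easier to audit. Two smaller points on the same lines: the `/o` modifier on the substitution does nothing here since the pattern contains no interpolation, and the in-place `s///` on `$_` inside `map` is only safe because `split` hands back a fresh list, which is worth a comment next to the existing `# Item7558: Sanitize parameter` note so a future refactor does not apply it to an array that is still referenced elsewhere.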